Prev: Conference Room as a Resource
Next: Message-ID in outbound header
From: M on 1 Feb 2010 16:59
Hello:

I've been looking for info on what exactly gets wiped and the wiping
algorithm. So far the best info I found was from the article below. I still
need some clarification on the following:

1.) Does the remote wipe algorithm meet any accepted IT security standards
(DoD, NSA, et al.)?
2.) With Exchange Server 2003 SP2, does the remote wipe on a Windows Mobile
6 device also wipe removable storage card, or is this feature only on
Exchange Server 2007?

"Security Considerations on the Exchange Server"
http://technet.microsoft.com/en-us/library/cc182279.aspx

Local and Remote Device Wipe

When a mobile device is lost or stolen, the potential security risk can be
significant. Mobile devices often contain sensitive business data, including
personally identifiable information of employees and customers, sensitive
e-mail messages, and other items. Exchange ActiveSync helps address this
risk by providing two levels of device wipe capability for Windows Mobile
5.0 powered devices with MSFP or later.

Wiping the device locally or remotely has the effect of performing a factory
or "hard" reset; all programs, data, and user-specific settings are removed
from the device. The Windows Mobile device wipe implementation wipes all
data, settings, and private key material on the device by overwriting the
device memory with a fixed bit pattern, greatly increasing the difficulty of
recovering data from a wiped device.

Note:
Device wipe in Windows Mobile 6 includes wiping the removable storage card.

--
Thank you.

Regards,
M
MCTS, MCSA


From: Rich Matheisen [MVP] on 1 Feb 2010 23:34
On Mon, 1 Feb 2010 16:59:57 -0500, "M" <m(a)n.com> wrote:

>I've been looking for info on what exactly gets wiped and the wiping
>algorithm.

That really depends on the device and the firmware/software it's
running. You'd probably get a better answer to the question in a forum
the focuses on the devices themselves.
---
Rich Matheisen
MCSE+I, Exchange MVP
From: M on 3 Feb 2010 09:49
I'm surprise that I couldn't find more info about this. It seems like a
security hole if the wiping algorithm isn't that good and the wiped data
could be easily recovered.

--
Regards,
M
MCTS, MCSA
"Rich Matheisen [MVP]" <richnews(a)rmcons.com.NOSPAM.COM> wrote in message
news:mmafm5ljtnpvg2gha9o3gck30u44gqlftr(a)4ax.com...
> On Mon, 1 Feb 2010 16:59:57 -0500, "M" <m(a)n.com> wrote:
>
>>I've been looking for info on what exactly gets wiped and the wiping
>>algorithm.
>
> That really depends on the device and the firmware/software it's
> running. You'd probably get a better answer to the question in a forum
> the focuses on the devices themselves.
> ---
> Rich Matheisen
> MCSE+I, Exchange MVP


 | 
Pages: 1
Prev: Conference Room as a Resource
Next: Message-ID in outbound header